cbcvebase.
CVE-2022-3559
published 2022-10-17

CVE-2022-3559: A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation…

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
3.66%
88.2th percentile
A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.

Affected

5 ranges
VendorProductVersion rangeFixed in
debianexim4< exim4 4.96-4 (bookworm)exim4 4.96-4 (bookworm)
eximexim< 4.974.97
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH
vendor_debian4.6MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.